You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Popup Issues Like Zimp

Very similar problem to Zimp who posted here recently with popups after torrent downloading.

My machine has been problem free for a couple of years, when after a download pop-up and pop-under windows started appearing. Initially I ran Super Anti Spyware, which identified some cookies, which it removed. Immediately afterwards up they came again, and sure enough new cookies had appeared. So I went on an anti-cookie mission and added the google toolbar, changed the pop-up settings to require permission, and still they appeared, starting a pop-under window using a URL that had been OK'ed for cookies, and then turning into a clicksor window. At this point I googled until I found Bleeping Computer and its excellent advice, and started downloading the various tools Hijack this, Malwarebytes AM, Ad-Aware, and Sygate firewall.

Although none of these identified an infection, the pop-ups have stopped, but at the price of Explorer almost not running at all. Every page hangs repeatedly (I have to type this in notepad because it would take an hour in Explorer), crashes, and causes everything to hang in the background.

I was going to follow on the Zimp thread as it sounded so similar, but noted the advice not to run Combofix without adult supervision.

Have I got a malware problem, or a conflict of various anti-malware programs?

BC AdBot (Login to Remove)

Apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Download random's system information tool (RSIT) by random/random from here and save it to your desktop.

Double click on RSIT.exe to run RSIT.

Click Continue at the disclaimer screen.

Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.

Submit a File For AnalysisWe need to have the files below Scanned by Uploading them/it to Jotti

Please visit JottiCopy/paste the the following file path into the windowK:\xmss.exeClick Submit/Send FilePlease post back, to let me know the results.

Thanks, the AM scan is still running. There are currently no drives or media in K:\ and F:\ from which to send files to Jotti. I am not even certain what they were at the time, one or the other may have been a different 3g broadband modem which I have changed.

After I made the original post and tried to work around the problems I was having, it became clear that Windows was hanging slightly as well. Working inside a program other than explorer isnt affected, but if you try and open a directory, it may or may not hang, it feels like 30 secs of every minute is spent hanging. You can work inside a program at any time, even to access files within a directory that is hung. Explorer though just locks up solid.

I am puzzled, which is why i wondered if it was an anti-malware conflict caused by having too many things now running concurrently? If you have a suggestion for a good basic set of programs I would be interested.

Another query, is there any reasoin I cant remove the following items with hiJack this? I have no use for Yahoo anymore:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.

Click once on the Security tab

Click once on the Internet icon so it becomes highlighted.

Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:

Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

MVPS Hosts file<=The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer